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(54) Scrambling unit for a digital transmission system 



(57) An independant scrambling unit 1 for a digital 
audiovisual transmission system, the scrambling unit 1 
conprising an input for receiving an assembled trans- 
port packet stream from a physically separate mutti- 
plexer 4. a scrambling device for saambling the 
received transport stream according to a randomising 
control word and an output for sending the scrambled 
transport stream to a transmitter means for subsequent 
transmission. The scrambling unit 1 may also be used to 
Introduce other packet data in the data stream. 
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Description 

[0001] The present invention relates to a scrannbling 
unit for a digital audiovisual transmission system, in par- 
ticular for a digital television transmission system. 5 
together with a scrantbrmg system including such a 
scrarht)ling unit. 

[0002] Transmission of scrambled or encrypted data is 
well-known in the field of digital pay TV systems, where 
scramt)led audiovisual information is broadcast to a io 
number of subscribers, each subscriber possessing a 
decoder or receiver/decoder capable of descramt3ling 
the transmitted program for subsequent viewing. 
[0003] Saambiing of the data is usually carried out by 
the multiplexing device also responsible for assembling is 
the transmitted transport stream of data. The multi- 
plexer receives digital video, audio or other digital data 
and assembles a single transport packet stream. Each 
packet In the transport stream is usually of a predeter- 
mined length and contains a header and a payload. 20 
[0004] The packet header includes a packet ID or PID 
identifying the packet and corresponding to the type of 
data (vkJeo. audio etc) within the packet. The payload of 
the packet contains the audio, video or any other data 
such as application data processed by the 29 
receiverydecoder to provide extra functions, for example 
to generate a program guide etc. 
[0005] ConventionaOy. the payload data is scrambled 
by a rapidly changing random control woid generated 
by the multiplexer. This control word is then sent to the 30 
receiver/decoder within an ECM, or Entitlement Control 
Message inserted in the transport packet stream in con- 
junction with the scrambled data. The ECM contains 
other information such as access rights and is itsdf 
encrypted by an appropriate encryption key before 35 
transmission. 

[0006] The encrypted ECM is usually prepared by a 
separate access control system, proprietary to a partic- 
ular channel or service provider. The access control 
. system receives from the multiplexer the scrambling 4o 
control word, inserts the control word in an ECM, 
encrypts the whole ECM with the current encryption key 
and sends the encrypted ECM back to the multiplexer. 
The multiplexer then Inserts the encrypted ECM in the 
transport stream together with the scrambl ed data. 45 
[0007] The scran*led data and encrypted ECM are 
transmitted to a receiver/decoder having access to an 
equivalent of the enayption key so as to decrypt the 
ECM and thus obtain the control word to descramble 
the transmitted data. The exploitation key changes reg- so 
ularly and a decoder belonging to a paid-up subscriber 
will typically receive in a monthly EMM (Entitlement 
Management Message) the exploitation key necessary 
to decrypt the encrypted ECM for that month. 
[0008] The advantage of scrambling the data virith a ss 
control word generated by the multiplexer is that the 
system can be expanded to simultaneously scramble 
data tor a number of access control systems in parallel. 



This may be necessary, for example, where the content 
provkier is broadcasting to a mixed park of decoders, of 
different ages, characteristics etc. Each access control 
system receives the control word used at that moment 
by the multiplexQ- and. thereafter, generates its own 
proprietary ECM, which is sent to the multiplexer for 
incorporation in the transport packet stream. Such 
"simulcrypt** systems use the same control word to 
scramble all data. 

[0009] Whilst systems of this sort are relatively sinple 
in terms of implementation, the management of com- 
munications between the multiplexer and the access 
control systems may be difficult to implement. Further- 
more, the level of security Is often limited t>y the com- 
plexity of the algorithm used by the multiplexer to 
generate the scrambling control word. 
^1 0] it is an object of the present invention in its var- 
ious aspects and embodiments to overcome some or all 
of the problems of the prior art systems. 
[001 1 ] According to the present invention there is pro- 
vkied a scrambling unit for a digital audiovisual trans- 
mission system, the scrambling unit comprising an input 
for receiving an assentrfed transport packet stream 
from a physically separate multiplexer, a saambiing 
device for scrantsling the received transport stream 
according to a randomising control word ard an output 
for sending the scrambled transport stream to a trans- 
mitter means for subsequent transmission so as to per- 
mit the saambiing of the transport packet stream by the 
scrambling unit independently of the multiplexer opera- 
tions. 

[001 2] Unlike prior art systems, in which the scram- 
bling of the data is canied out by the multiplexer at the 
same time as it multiplexes together the various data 
streams to form the single transport stream, the present 
invention proposes an entirely different solution in which 
a discrete saambler unit receives via a dedicated input 
the already assembled transport stream. 
[0013] This solution facilitates the management of 
communications between each of the elements of the 
system through the division of functk>nality between 
separated saambiing and multiplexing parts of ,the sys- 
tem. Furthermore, since the scrambling unit is not con- 
strained by the usual limitations of muKiplexer scrambler 
devices, the level of conplexity of the scrambling algo- 
rithm can be increased. 

[0014] The scranrMing device may be adapted to carry 
out scrambling on some or all of the payload of selected 
packets of the transport stream packet. In a high "trans- 
port stream" scramt^ing level, all of the payload of a 
given transport stream packet may be saambled. for 
exan^le. Alternatively, only part of the paylokd of a 
packet may be scrambled. 

[001 5] In addition to the saambiing device, the scram- 
bling unit may also comprise a packet insertion means 
for inserting transport packet data in the transport 
stream. For example, the scranrtbling unit may be used 
to introduce packets containing the saambiing control 
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word within encrypted ECM messages. Other types of 
data may equally be inserted in the transport stream to 
make full use of available bandwidth, irrespective of the 
limitations of the multiplexer downstream of the unit. 
[0016] In one embodiment, the packet insertion 
means may act to insert a packet of data in the transport 
stream by detecting the presence of a null packet and 
replacing this packet by the packet to be inserted. A null 
packet is a packet generated during the operating cyde 
of the multiplexer that contains no data. It is convention- 
ally clentified by a characteristic PID value. 
[0017] The scrambling unit may further comprise a 
packet filter means for identifying and copying to a 
memory part or all of a predetermined transport packet. 
For example, the filter may be pre-programmed to iden- 
tify certain transport packets by their PID value that con- 
tain data to be modified by the scrambler, such as user 
specific tables or the like. Filtering may equally be car- 
ried out on part of a packet, e.g. by looking at the table 
ID within the payload of the transport packet eta 
[0018] Advantageously, the scrambling unit n^y also 
comprise a packet deletion means for deleting a prede- 
termined packet, for exanple, transforming the packet 
ID of the packet to that of a null packet. For example, 
where the packet Is to be filtered by its PID value and 
replaced by a nKXlified packet with the same PID value, 
it will be necessary to delete the original packet with this 
PID to avoid generation of multiple packets with the 
same PID. The packet to be deleted will then become a 
null packet, which wni thereafter be ignored or replaced 
another packet introduced by the packet Insertion 
means. 

[001 9] Preferably, the scrambling unit also comprises 
a packet counting means for counting the number of 
packets of a predetermined packet ID value in the 
received transport data stream. For example, the packet 
counting means may be used to count the number of 
null packets in the data stream to enable evaluation of 
the space available In the transport stream to insert 
ECM packets etc. 

[0020] Preferably, the scrambling unit also comprises 
a packet ID re-mapping means for changing the packet 
ID value assigned to a predetermined packet or set of 
packets. This may be used to remove the risk of any 
conflict between the PID value of an inserted packet 
and ttiat of a packet already present in the transport 
stream. 

[0021] The scrambling unit described above may 
operate in a stand alone nxxJe. Alternatively, the unit 
may form part of a scrambling system, the system fur- 
ther comprising a central control means for generating a 
control word sent to and received by the scrambling unit 
for scrambling tfie transport stream. The central control 
means may be implemented by a single PC. or a PC 
acting as a central control station in combination with a 
second PC and smart card for generating the control 
word. 

[0022] Preferably, the scrambling system further com- 



prises one or more access control systems connected 
to the central control means and adapted to receive a 
control word supplied by the central control means and 
to send back to the central control means an encrypted 
5 message e.g. an ECM message containing tiie control 
word, 

[0023] In this manner the central control means can 
coordinate generation of an ECM based on the same 
control word by a plurality of access control systems, in 

10 accordance with the "simulcrypt" principle, and transmit 
the ECMs and their associated control word to ttie 
scrambler, for synchronised insertion of the ECMs in the 
transport stream and scramt»ling of tiie transport data in 
accordance with the control word. 

IS [0024] Preferably, some or all of the data sent from tiie 
central control means to tiie scrantiling unit is auttienti- 
cated by tiie central control means by generation of a 
signature in accordance with a secret encryption key. In 
the case where a public^private encryption an^angement 

20 is used, the saambling unit possesses an equivalent 
public key permitting the scramt)ler to verify tiie origin of 
tiie data. In particular, all control word data sent to tiie 
scrambler shouW be autiienticated, to avoid tiie possi- 
bility of falsification of the conti'd word by breach of tiie 

25 connection between tiie two. 

[0025] Further security measures may also be intro- 
duced. e.g. by encrypting an transmitted data in accord- 
ance with a symmetric algorithm, the central control 
means and saambling unit each possessing the neces- 

30 sary keys for encryption and decryption of messages. 
[0026] The embodiment of tiie scrambling system 
above has been desaibed in relation to a single scram- 
bling unit, a single central control means etc. However, 
for reasons of reliability it may be desired to have at 

35 least one stand-by or back up for each of the elements 
of the system and. In a preferred embodiment, the sys- 
tem comprises a plurality of scrambling units and asso- 
ciated central control means associated witii the 
generation of tiie transport stream. In this way, the sys- 

40 tern may switch between control means and scrambling 
units in the event of failure or erroneous operation of the 
relevant part of ttie system. 

[0027] In the context of tiie present applk^tion the 
term (digital audiovisual transmission system) defers to 

45 all transmission systems for transmitting or broadcast- 
ing primarily audiovisual or multimedia digital data. 
Whilst tfie present invention is particularly applicable to 
a broadcast digital television system, the present inven- 
tion may equally be used in filtering data sent by a fixed 

60 telecommunications network for multimedia internet 
applications etc. 

[0028] The term MPEG refers to tiie data transmissk)n 
standards developed by tiie International Standards 
Organisation working group "Motion Pictures Expert 
55 Group" and notably the MPEG-2 standard developed fbr 
digital television applications and set out in the docu- 
ments ISO 13818-1. ISO 13818-2, ISO 13818-3. and 
IS0 13818-4. In the context of the present patent appli- 
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cation, the term includes all variants, modifications or 
developments of the basic MPEG formats applicable to 
the field of digital data transmission. 
[0029] There will now be described, by way of exam- 
ple only, a number of embodiments of the present inven- s 
tion, with reference to the attached figures, in which: 

Figure 1 shows the elements of a scrambling sys- 
tem of an embodiment of the invention; 
Figure 2 shows In detail the scrambling unit of Fig- io 
ure 1 ; and 

Figure 3 shows a further embodiment of the 
present invention. 

[0030] Referring now to Figure 1 , there is shown a is 
scrambling system for digital television system compris- 
ing a scrambling unit 1 and a central control means 
defined by a central control station 2 and a control word 
generator 3. Tlie control word generator 3 may be, as 
shown, a PC type computer including a smart card 2o 
reader adapted to receive a smart card containing an 
encryption key lor signing data (see below). Alterna- 
tively, the control word generator may be a rack type 
unit, an add-on card to be inserted in the control station 

2 etc. 25 

[0031] The scrambling unit 1 receives at its input 
unscrambled transport packets from a multiplexer 4 and 
passes a scrambled transport stream to a modulator 5 
for preparation prior to transmission via a suitable satel- 
lite transmission link or the like. 30 
[0032] The multiplexer 4 may be any conventional 
multiplexer conforming to the MPEG standard and 
capable of receiving digital video, audio, teletext etc 
information and producing a non-encrypted transport 
packet stream from this data. In a conventional MPEG ss 
broadcast system, video, audb etc data may be sup- 
plied to the multiplexer in the form of a packetised ele- 
mentary stream (PES). Other packet data may equally 
be multiplexed into the transport stream. 
[0033] The output of the multiplexer comprises a 4o 
sequ^ce of transport packets comprising a header and 
a payload containing the PES or other data. Depending 
on the data supplied to the multipiexer and the efficiency 
of the multiplexer, the packet stream may also comprise 
a greater a smaller number of so-called null packets 4$ 
containing no data. 

[0034] Other types of data in the data stream provkJed 
to the multiplexer may be divided up in sections. In addi- 
tion or alternatively, data may also be provided to the 
multiplexer in the form of a number of tables or modules, 6o 
the tables being downloaded and assembled by the 
rec^r/decoder at the other end of the transmission 
system to form the conplete application. In a similar 
manner to the packets in the transport packet stream, 
the tables may be Identified by means of a table ID or ss 
TID value. 

[0035] In the data stream, packets of data are identi- 
fied by their packet ID or PID, vkieo data having one PID 



value, audio data another etc. In the MPEG standard, 
null packets of data have the predetermined PID value 
of 0x1 FFF, By way of contrast, the PID value assigned 
to a given type of data (audio, video etc) may be deter- 
mined by the content provider. For further details 
regarding the packet structure of an MPEG transport 
stream, the form of PES and sectioned and tabulated 
data, the reader is referred to the International standard 
documents ISO 13818-1, ISO 13818-2. ISO 13818-3. 
and ISO 13818-4. These standards also set out the 
characteristics of the physical interface layer necessary 
to ensure compattoility between MPEG devices, notably 
the use of an Asynchronous Serial Interface (ASI) etc. 
[0036] The modulator 5 may be of any conventional 
type necessary to convert the digital transport packet 
stream into a form suitable for transmission via a tele- 
communications link such as a satellite, cable, network 
link etc. 

[0037] The scrambling unit 1 is additionally connected 
to receive ECM and control word data from the central 
control station 2. which is In turn connected to the con- 
trol word generator 3 and one or more conditional 
access systems 6. 7. The control word generator 3 com- 
prises a PC type computer capable of generating a ran- 
domised control word stream and Including a card 
reader for reading a smart card containing a private key 
for signing the random control word data tiius gener- 
ated. 

[0038] The central control station 2 may also comprise 
a PC or the like and, indeed, may even be integrated 
with the control word generator 3. In accordance with 
the prindples of a "simulcrypt" system, the same control 
word is used to encrypt ttie transmissions for a number 
of access control systems. Each access control system 
encrypts the control word and other data with its own 
encryption key in order to prepare an ECM message for 
broadcast to 6ii>scribers using this access control sys- 
tem. 

P)039] The central control station 2 is therefore config- 
ured to pass the control word data via a suitable com- 
munications link to the access systems 6. 7 which 
prepare encrypted ECM messages which are sent t>ack 
to the central control station 2. The central control sta- 
tion 2 then sends the ECM messages (in the form of one 
or more transport packets) and associated control word 
data via, for example, a TCP/IP link to the scrambling 
unit 1. 

[0040] In order to avoid the possibility of the commu- 
nication link being compromised and the control word 
data being substituted by other data originating outskJe 
of the system, the control word data Is signed at the 
moment of generation by a private key held on the 
smart card associated witii the generator 3. as 
described above. The scrambling unit 1 possesses an 
equivalent public key that may be used to authenticate 
the signed data, in accordance with known private/pub- 
lic key authentication metiiods. In the event tiiat the con- 
trol word data is not conrectly authentteated, the 



7 



EP0 926 894 A1 



8 



scrambling unit may refuse to carry out scrambling of 
the transport packet stream. 
[0041] Further encryption of communications passed 
between the control station 2 and scrambling unit 1 may 
also be carried out. for example, through the use of a 
symmetric encryption scheme and a pair of private-keys 
held by the central control means and scrambling unit. 
[0042] Referring now to Figure 2, the structure of the 
scrambling unit of Figure 1 will now be described in 
detail. As will be understood, some of the elements 
shown here represent functional blocks within the 
decoder that may be implemented in either hardware or 
software form or in a combination thereof. 
[0043] The unit 1 receives via inputs 10, 1 1 the non- 
encrypted transport stream output from the multiplexer. 
In order to provide a degree of security against prob- 
lems in the link between the multiplexer and the scram- 
bling unit, a double connection is provkled, as shown, 
with the same transport stream being received at each 
of the inputs 10, 11. The connection may also be used 
to manage redundancy of data streams originating from 
different multiplexer sources. 
[0044] Information regarding the synchronisation and 
timing of the packets in the MPEG packet stream is pro- 
vided to a centra] microprocessor 15 by the decoder 
and synchronisation elements 12, 13. The decoder and 
synchronisation elements detect that the data con'e- 
spends to an MPEG stream at a physical level (conrect 
ASI characteristics etc). The synchronisation element 
recovers the MPEQ synchronisation byte to ensure sub- 
sequent synchronous processing of the data. These 
elements are conventional and are found, for example, 
in MPEG receiver/decoder units as an element of the 
decryption link. 

[0045] In the event of any fault in the stream received 
via one of the inputs, the microprocessor controls a 
switching element 14 to change to the stream received 
via the other input. As will be seen, given the necessity 
to maintain a continuous flow of transmitted data, this 
sort of redundancy may be repeated at other levels in 
the scrambling system. 

[0046] As will be described, the tran^rt stream out- 
put via the outputs 18. 19 is norn^lly scrambled. How- 
ever, in order to provide an unsaambled and unaltered 
output from the unit, either for testing purposes or to 
bypass the scrambling circuitry in the event of a fault, 
the unit further includes emergency bypass switches 
16, 17 manually operable and which enable the trans- 
port packet stream (received via either or both inputs) to 
be directly passed through the unit. 
[0047] As shown by the aoss-connection 20, the 
input/output link in the bypass mode may be switched 
such that the stream received via the input 10 emerges 
via the output 18, whilst that received via input 11 
emerges via the output 19. Alternatively, by changing 
the conTiguration of the connection 20, input 10 may be 
connected to output 19 and input 11 to output 18. The 
cross-section 20 may be implemented, for example, by 



externa! leads plugged into the unit, the configuration of 
which may be changed as desired. TWs cross-connec- 
tion again enables verification of the individual commu- 
nication channels to be more easily effected. 

5 [0048] The advantage of such an implementation is 
that the bypass is completely passive such that the sig- 
nal can pass through the unit, even in the case of a 
power failure. If activated by a relay, the bypass can be 
automatically activated when a power failure occurs. . 

10 [0049] The functioning of the elements of the PID . 
counter 21, PID filter 22. PID deletion unit 23. PID re- 
mapping unit 24, packet insertion unit 25 and scrambler 
26 will now be described. As will become clear, some of 
these elements such as the PID filter 22 and PID coun- 

16 ter 21 are known in the context of a receiver/decoder 
where they are used in the demultiplexing and descram- 
bling operations carried out on a received transport 
stream. 

[0050] Similarly, the elements such as the scrambler 
20 26, packet insertion unit 25. PID re-mapping unit 24 and 
PID deletion unit 23 are known In the context of a con- 
ventional combined multiplexer/scrambling device. 
Whilst there will therefore be no difficulty for one skilled 
in the art to assemble and construct these elements, it 
25 will nevertheless be appreciated that the specific combi- 
nation and juxtaposition of such elements In the context 
of an external unit as described is nevertheless entirely 
original. 

[0051] The PID counter 21. programmable by the 
30 microprocessor 1 5 may be used to verify the presence 
or absence of packets with a predetermined PID value 
in the transport packet stream as well as to count the 
number of packets bearing this PID value that are 
present in a given block of transport packets. In particu- 
35 lar, the PID counter 21 may be used to count the 
number of null packets present in the tran^Dort stream 
(MPEQ PID value: 0x1 FFF) so as to evaluate the bit 
rate available for tnsertton of further-packets (see 
below). Alternatively, the counter 21 may be used to 
40 detect the presence of a packet such as a private data 
packet or the like which is to be modified or deleted by 
the unit. 

[0052] In Older to more fully analyse the data stream, 
a PID filter and demux unit 22 is used to filter out packet 

45 sequences of a given P ID value and to copy these pack- 
ets to the memory 27. The filter unit 22 may also be 
used to carry out filtering at a lower level in the transport 
packet stream, for example, a filtering of sections and/or 
tables of data within the payload of a transport packet. 

60 As In conventional filter units used In a 
receiver/decoder, the fitter 22 may be programmed to 
recognise table ID values, table ID extension values, 
section data etc. 

[0053] The configuration of the filter 22 is set by the 
55 microprocessor 1 5, which is In turn connected via a net- 
work adapter 28 and a TCP/IP link to the central control 
station shown in Figure 2. The central control station 
can therefore choose which packets to filter out of the 
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data stream. 

[0054] An accessed or filtered packet in the data 
stream is copied b/ the filter 22 into the memory 27 
associated with the microprocessor 15. The packet 
stored in the memory may then be transmitted via the 
TCP/IP link to the central control station for further anal- 
ysis or modification. The central control station may 
decide, for example, to fitter out certain private data 
packets of a given PID value for nx)dification or may 
require modification of the packets used to describe the 
contents of the transport stream in the event that 
entirely new packets with a new PID value are to be 
inserted In the transport stream. 
[0055] As will be understood, the f^ct that a given 
packet has been filtered and copied into the memory 
does not mean that the packet has been physically 
removed from the transport stream. Accordingly, in the 
event that packets of a given PID value are to be 
inserted in the transport stream, it will be necessary to 
delete the present packets having this value to avoid 
collision. In order to do this, the packet deletion unit Is 
adapted to transform packets of a given PID value to 
null packets, by, int^ alia, changing the PID value of the 
packets to the PID value of a null packet. Specifically, in 
the case of an MPEG standard pad^t the following 
changes shall be carried out on the packet header: 

PID value forced to 0x1 FFF 
Transport_scrambling_confrol torc&i to 00 
Adaptationjield_controi forced to 01 
Pay!oad_unit_6tartJndicator forced to 0 

[0056] As will be understood, null packets in the trans- 
port stream are not read since they supposedly contain 
no payload and the packets thus transformed are for all 
intents and purposes deleted. Furthermore, as win be 
described, the packet insertion unit 25 is in fact adapted 
todetect and replace any null packets by packets held in 
the memory for insertion In the transport stream. 
[0057] In addition and in the same way that the dele- 
tion unit 23 deleted certain PID packets to null packets 
by changing their PID value, a PID re-mapping unit may 
be provided to change any given PID to a new PID 
value. T^'s may be required to circumvent limitations of 
the original multiplexer that supplieis the multiplexed 
transport stream to the scrambling unit and/or to avoid 
PID conflicts with new packets to be inserted into the 
transport stream. For example, the unit may be config- 
ured as follows: 



Incoming PID value 


Re-mapped PID value 


0x20 


0x0100 


0x21 


0x0101 


0x22 


0x0200 



(continued) 



Incoming PID value 


Re-mapped PID value 


0x23 


0x0201 



[0058] Only the PID field in the transport packet 
header is modified. Transport packets not designated by 
these PID values remain unchanged. As with the dele- 
tion unit the configuration of the PID re-mapping unit is 

10 in practice determined by the central control station. In 
the event that the packet insertion unit 25 has been pro- 
grammed to insert packets of a PID value not present in 
the original transport stream, re-mapping of the PID val- 
ues may not be necessary. In oontrast. in the event that 

IS a potential conflict has been detected, the PID le-rmp- 
ping unit will re-map the conflicting PID value in the orig- 
inal transport stream to a new value. 
[0059] Turning now to the packet insertion unit 25, this 
unit is adapted to insert a transport packet held in the 

20 memory 27 to replace any null packet present in the 
transport stream. No change or management of the PID 
values of the inserted packets is effected by the unit 25. 
As mentioned above, potential PID conflicts are handled 
by the PID re-mapping unit 24 and the PID deletion unit 

25 23. 

[0080] Packets may be inserted In the transport 
stream in a number of different ways: 

1. Cyclic data insertion. This may be used, for 

30 example, to introduce static tables of data. In this 
case, the packets are stored in a queue in the mem- 
ory 27, a scheduler reading each of the queues at 
regular intervals to introduce the packet data in a 
cyclic fashion into the stream, a packet being intro- 

35 duced at each occurrence of a null pactet. The 
scheduler handles the continuity counter (ib the 
sequential number of the packet) within the packet 
sequence to ensure the correct numbering of the 
transmitted sequence. 

40 2. ECM synchronised insertion. In this case. ECM 
messages are received from the control station 
together with the assodated control word data The 
ECM messages are inserted as cydic data, syn- 
chronised with the scrambGng operation carried out 

45 by the scrambler 26 using the control wofd data. 

3. One shot data insertion. In this case, a packet 
sequence is inserted one time only in the transport 
stream. The sequence is stored in a FIFO queue in 
the memory, the next packet in the queue being 

so inserted at the occurrence of the next null packet. In 
this case, the continuity counter of the packets in 
the sequence may be pre-set before being received 
by the scrambling unit. One shot data insertion may 
be used to insert data received from the control sta- 

65 ton 2, or from other sources, such as EMM gener- 
ators. 

P)061 ] Packets or sequences of packets sent from the 
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central control station 2 to the scrambling unit 1 in any of 
these operations may be id^ified with an assodated 
identity value, such that the central control station can 
override or catl-back the insertion of a packet or 
sequence of packets in the transport stream. 5 
[0062] Ttie transport packet stream, modified and 
including the desired ECM messages is then passed to 
the scrambler 26. The scrambler 26 may conform to a 
digital scrambler as used in any conventional multi- 
plexer/scrambler device. In order to carry out scram* 10 
bling of the transported data (but not of the ECM 
messages) the scrambler is provided with the neces- 
sary PID information to prepare groups of packets hav- 
ing RID values indicating that they are to be scrambled. 
[0063] Scrambling may be carried out at a transport ie 
stream level, i.e. on the whole of the payload of a trans- 
port packet, or (e.g. for audio/visual type data) at a PES 
stream level, i.e. on the payload of the PES packets 
contained within the transport packets. Either type of 
scrambling may be desired accocding to the require- 20 
ments of the service provider. 
[0064] The scrambler carries out scrambfing of the 
data according to the control word provided by the cen- 
tral control station 1. As described above, the control 
word data Is signed at the central control station by a 25 
private key and the control word and signature sent to 
the unit 1. The unit 1 includes a smart card reader 
adapted to read a smart card 29 containing the equiva- 
lent public key. At the same time as the control word is 
passed to the scranrtbler 26. the microprocessor 1 5 ver- 30 
ifies the signature using the public key, as shown, in the 
event that there Is a failure in the authentication proc- 
ess, the 8crant)ler 26 may be instructed to terminate 
the scrambling process or to ignore the control word 
that has been received. as 
[0065] As mentioned atx^ve. communications 
between the central control station and the scrambling 
unit may be further encrypted by means of a symmetric 
algorithm and, in this case, the smart card 29 may also 
contain the key necessary to deaypt communicated 40 
data before the authentication step. 
[0066] In additioa in the case where the scrambling 
unit is adapted to receive data sent from other sources 
independent of the central control station (e.g. an EMM 
source), the network used to send messages from the 45 
central control station to the scrarrMing unit may be 
physically separate from the network used to receive 
messages received from other sources. In this case, the 
network adapter 28 will include two separate network 
interfaces, the interface for receiving data from other so 
sources being "read-only" to prevent the unit being re- 
progranrtmed by sources external of the scrambling sys- 
tem. 

[0067] As shown, the saambling unit 1 further 
includes outputs 30. 31 to enable a clear transport ss 
stream output to be read from the unit. Unlike the output 
obtained by the bypass switches 16.17. the outputs 30. 
31 represent the transport stream after modification by 



insertion/deletion of packets etc. but before scrambling 
is earned out. These outputs can be used for sun/ell- 
lance of the operation of the unit and monitoring of the 
result of the operations in clear. In addition, the unit may 
include a standard RS232 interface 32 to enable interro- 
gation of the microprocessor for test purposes. 
[0066] Figure 3 shovi^ a further embodiment of the 
present Invention, in which a number of the elements of 
the system of Figure 1 have been duplicated in order to 
provide a degree of security through redundance of the 
elements. In particular, a standby central control unit 2a 
and control word generator 3a together with a standby 
scrambling unit la have been indicated. 
[0069] The parts of the access control systems con- 
cerned with generation of an ECM have also been dupli- 
cated and this has been indicate by the reference 
numbers 6a. 7a. Audio, video etc signals may also be 
passed by a standby multiplexer 4a. Furthermore, a 
second transmission channel for generation of an 
MPEG transport channel may also be handled by the 
present system. This has been indicated by the multi- 
plexer 40 (and its standby 40a), scrambling unit 41 (and 
its stan<toy 41a) and modulator 42. 
[0070] The redundancy of the various elements in the 
system may be managed by a communication link 
between the control stations 2, 2a and/or a link to a 
supervisor or remote terminal indicated t>y the line 43. 
In particular, a ^tteartbeaf signal may be provided from 
the station 2 to the station 2a, the control station 2a act- 
ing to take control of the generation of ECM messages 
and control word data in the event of any interruption of 
this signal. Similarly, the scrambler units 1.1a may be 
slaved to the control stations to enable transfer of func- 
tions between the two in the event of failure of one or the 
other scrambling unit. 

Claims 

1. A scrambling unit for a digital audiovisual transmis- 
sion system, the saambling unit comprising an 
input for receiving an assembled transport packet 
stream from a physically separate multiplexer, a 
scrambling device for scrambling the received 
transport stream according to a randomising con- 
trol word and an output for sending the scrambled 
transport stream to a transmitter means for subse- 
quent transmission, so as to permit the scramUing 
of the transport packet stream by the scrambling 
unit independently of the multiplexer operations. 

2. A scrambGng unit as claimed in claim 1 in which the 
scrambling device is adapted to carry out scram- 
bling on some or all of the payload of selected pack- 
ets of the tran^rt stream packet. 

3. A scrambling unit as claimed in claim 1 or 2 further 
comprising a packet insertion means fbr inserting 
transport packet data in the transport stream. 
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4. A scrambling unit as claimed In claim 3 in which the 
packet insertion means inserts a packet of data in 
the transport stream by detecting the presence of a 
null packet and replacing a null packet by the packet 

to be inserted. 5 

5. A scrambling unit as claimed in any preceding claim 
further comprising packet filter means for identify- 
ing and copying to a memory part or ail of a prede- 
termined transport packet. io 

6. A scrambling unit as claimed in any preceding claim 
further comprising packet deletion means for delet- 
ing a predetermined packet or set of packets. 



A scrambling unit as claimed in claim 6 wherein the 
packet deletion means deletes a packet by trans- 
forming the pactet ID of the packet to that of a null 
packet. 
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A scrambling unit as claimed in any preceding claim 
further comprising packet counting means for 
counting the number of packets of a predetermined 
packet ID value in the received transport data 
stream. 25 



9. A scrambling unit as claimed in any preceding claim 
furth©" comprising packet ID re-mapping means for 
changing the packet ID value assigned to a prede- 
termined packet or set of pad^. 30 

10. A scrambling system comprising a scrambling unit 
as claimed in any preceding daim together with 
central control means for generating a control word 
sent to and received by the scrambling unit for 35 
scrambling the transport streani 



11. A scrambling system as claimed in claim 10 further 
comprising one or more access control systems 
connected to the central control means and 40 
adapted to receive a control word supplied by the 
central control means and to send back to the cen- 
tral control means an encrypted message contain- 
ing the control word. 

45 

1 2. A scrambfing system as claimed in claim 10 or 1 1 in 
which some or all of the data sent from the central 
control means to the scrambling unit is authenti- 
cated by the central control means by generation of 

a signature in accordance with a secret encryption so 
key 

13. A scrambling system as claimed in any of clain^ 
10. 11 or 12 comprising a plurality of scrambling 
units and associated central control means associ- ss 
ated with the generation of a single transport 
stream. 
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